package com.hairline.config;

import com.hairline.shiro.AdminRealm;
import com.hairline.shiro.ShiroSessionManager;
import com.hairline.shiro.WxRealm;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.handler.SimpleMappingExceptionResolver;

import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.Properties;

@Configuration
public class ShiroConfig {

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultSecurityManager defaultSecurityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(defaultSecurityManager);

        //设置认证失败时重定向的url
         // shiroFilterFactoryBean.setLoginUrl("/admin/auth/login");

        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        
        //filterChainDefinitionMap.put("/admin/auth/login", "anon");
        //filterChainDefinitionMap.put("/admin/auth/info", "authc");
        //filterChainDefinitionMap.put("/**", "authc");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilterFactoryBean;
    }

    //核心组件
    @Bean
    public DefaultWebSecurityManager defaultSecurityManager(AdminRealm adminRealm,
                                                            ContralRealmAuthenticator contralRealmAuthenticator) {


        DefaultWebSecurityManager defaultSecurityManager = new DefaultWebSecurityManager();
        defaultSecurityManager.setRealm(adminRealm);

        //自己写的contraller 通知给 SecurityManager
        defaultSecurityManager.setAuthenticator(contralRealmAuthenticator);
        //告知 SessionManager
        defaultSecurityManager.setSessionManager(webSessionManager());
        return defaultSecurityManager;
    }


    //开启filter注解
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultSecurityManager defaultSecurityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(defaultSecurityManager);
        return authorizationAttributeSourceAdvisor;
    }


    //维护Session,并告知 securityMannger
    @Bean
    public DefaultWebSessionManager webSessionManager() {
        ShiroSessionManager shiroSessionManager = new ShiroSessionManager();
//        shiroSessionManager.setGlobalSessionTimeout(50000);

        return shiroSessionManager;
    }


    //注册自定义的realm分发器
    //要传入自己定义的realm
    @Bean
    public ContralRealmAuthenticator contralRealmAuthenticator(AdminRealm adminRealm, WxRealm wxRealm) {
        ContralRealmAuthenticator contralRealmAuthenticator = new ContralRealmAuthenticator();
        ArrayList<Realm> realms = new ArrayList<>();
        realms.add(adminRealm);
        realms.add(wxRealm);
        contralRealmAuthenticator.setRealms(realms);
        return contralRealmAuthenticator;
    }

    @Bean
    public SimpleMappingExceptionResolver simpleMappingExceptionResolver() {
        SimpleMappingExceptionResolver resolver = new SimpleMappingExceptionResolver();
        Properties mappings = new Properties();
        mappings.put("java.lang.NullPointerException", "/wx/auth/needLogin");
        resolver.setExceptionMappings(mappings);
        return resolver;
    }

}
